After the second step, the function's original definition is obfuscated and cannot be queried from the system tables.

However, the current transaction log contains both statements and therefore still has the definition available. The same would be available when the statements will be distributed by SQL Remote's passthrough mode, and the remote would run in verbose mode.

Is there a way to create a hidden function (or procedure, trigger or view) in one step, not leaving the original definition in the log file?

(Note: I'm aware that this is just obfuscation and not strong encryption.)

Just a remark: The hidden definition does also contain information about the function's parameters and return type. This is still available in system table sysprocparm - for obvious reasons: Otherwise, the function would not be usable anymore IMHO...

Another workaround (or enhancement, depending on your point of view) might be to store the critical core text of the procedure in a LONG VARCHAR column in a CREATE TABLE ... ENCRYPTED, and run it with EXECUTE IMMEDIATE.